In one recent deal we were left with the thorny problem of Indemnity and who pays for it. Typically, if you are using proprietary code you are buying a pig in a poke (buying something in a black sack that the vendor says will do the job). The case of indemnity arises if a patent troll claims ownership and then sues the user for a multi-million dollar sum. The legal team then refers to the contract and points the troll's complaint at the software vendor who defends the claim (on the basis they know what's in the software and where it came from because they "own" it.) Now, it gets more complicated when companies acquire companies who acquire other companies who may have mashed together their apps over time. The enterprise needs to make sure it is not open to legal risk yet this places the burden of cost for defence and code parentage on the vendor - another cost that would need to be borne by Open Source vendors when dealing with the Enterprise.